We just published this
whitepaper. It’s pretty hard to over-emphasize how the management, control and audit of both shared/privileged account passwords is mandatory in meeting PCI requirements.
Like all regulatory requirements, there is no single product or policy/procedure that can assure compliance! PCI compliance requires that your enterprise deploy many security technologies, and have specific policies and procedures in place.
This white paper focuses on the unique issues and solutions associated with both privileged password management and remote vendor access in meeting PCI compliance requirements. Many of the requirements highlighted cannot be resolved or adequately addressed by existing enterprise security technologies such as firewalls, VPN and IDS solutions. Existing legacy policies and procedures are also unable to meet many of the requirements standards presented under PCI.
No comments:
Post a Comment